35 lines
927 B
Diff
35 lines
927 B
Diff
From 23882383d45dcd37b5177835c873f4e1d9582db1 Mon Sep 17 00:00:00 2001
|
|
From: Explorer09 <explorer09@gmail.com>
|
|
Date: Fri, 13 Oct 2017 16:59:26 +0800
|
|
Subject: [PATCH] scanner: prevent overflow in add_action()
|
|
|
|
---
|
|
src/misc.c | 5 ++---
|
|
1 file changed, 2 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/misc.c b/src/misc.c
|
|
index fa33a5b..745e6a8 100644
|
|
--- a/src/misc.c
|
|
+++ b/src/misc.c
|
|
@@ -116,15 +116,14 @@ void add_action (const char *new_text)
|
|
int len = (int) strlen (new_text);
|
|
|
|
while (len + action_index >= action_size - 10 /* slop */ ) {
|
|
- int new_size = action_size * 2;
|
|
|
|
- if (new_size <= 0)
|
|
+ if (action_size > INT_MAX / 2)
|
|
/* Increase just a little, to try to avoid overflow
|
|
* on 16-bit machines.
|
|
*/
|
|
action_size += action_size / 8;
|
|
else
|
|
- action_size = new_size;
|
|
+ action_size = action_size * 2;
|
|
|
|
action_array =
|
|
reallocate_character_array (action_array,
|
|
--
|
|
1.8.3.1
|
|
|